# Kristall Help

This is the manual for the Kristall small-internet browser. It contains explanations on how to use the program, what each setting means and

## The Mission

Kristall tries to fill the hole of graphical browsers for alternative internet protocols with a high usability and feature richness.

## The main interface

The main interface of Kristall consists of three parts:

* the navigation bar on top,
* the content view in the center
* and the status bar on the bottom

### Navigation bar

In the navigation bar, you have some buttons and your URL bar. You can enter any supported URL in the URL bar, press *Return* and Kristall will then load the page in the content view. You usually need to specify the URL scheme to navigate to a site, but you can omit the gemini:// prefix for gemini pages. If the URL has no scheme, it will be automatically added by Kristall.

The two buttons on the left give you the ability to navigate back and forth in your browsing history.

The button with the round arrow is the refresh button and allows you to reload the currently displayed site. While a site is loading, it is replaced with the stop button (square icon) that allows you to cancel the current request.

On the right side of the URL bar you will find two buttons:

The button with the small heart in it will add this page to or remove it from your favourites. This can be done as well by pressing CTRL-D. When the heart on the button is filled, the site is contained in your favourites. If not, the heart is displayed only as an outline.

The button with the shield icon toggles your use of client certificates. If you press it when no client certificate is enabled, a dialog will pop up asking you to select or create a certificate. When a certificate is enabled, the button will have a filled shield with a small lock in it. Pressing the button now will disable the currently used certificate.

Note that if you're using a transient certificate, Kristall will ask you a safety question before destroying the certificate.

### Content view

The content view renders the requested document. For hypertext documents, you get a nicely rendered version of those documents; other text files are displayed in monospace.

Audio and video files are played in a small built-in media player that allows you to play/pause the media, scroll around in the time line and mute/unmute audio.

Images are rendered in an interactive view where you can drag the image around and zoom in/out with the mouse wheel.

Documents that can't be rendered will be displayed with file size and mime type, so you can save them to disk and open the files with another program.

### Status bar

The status bar displays auxiliary information: On the left, you can see the link target when you hover over a link. On the right, you can see the document size, the time needed to load the document and the mime type of the content. This is especially important when Kristall is not able to render the document nicely.

## Menus

This chapter explains what each menu button does. I hope that most stuff isn't surprising 😉

### File

[New Tab] will open a new tab to surf.

[Save as] allows you to save the currently displayed file to your disk.

[Close Tab] will close the current tab. Does the same as clicking the small (×) button on the tab itself.

[Manage Certificates] will bring up a dialog that allows you to create, delete or change client certificates.

[Settings] will open a dialog that helps you configure Kristall to your liking.

[Quit] will close Kristall.

### Navigation

This menu contains means to navigate the internet.

[Go to home] will navigate your current tab to your home page.

[Backward] will navigate one page back in your history.

[Forward] will navigate one page forward in your history.

[Refresh] will reload the current page. This may be necessary for CGI scripts or other interactive content.
[Add to favourites] will add the current page to or remove it from your list of favourites.

### View

This menu allows you to show/hide dockable dialogs.

[Document Outline] toggles the document outline. Documents with text/gemini get an automatic outline generation that can be used to navigate larger documents quicker. This document is a good place to try that out!

[Bookmarks] opens a dock containing a list of all your favourite sites. Open your bookmarks in a new tab by double-clicking the entries.

[History] shows the surfing history of the current tab. Double-clicking an entry navigates back and forth in your history without disturbing the list.

### Help

This menu contains some stuff that provides help or information about Kristall.

[Help] displays this document.

[Changelog] will open a document that lists the changes in Kristall in a bulleted list.

[About] shows a dialog with some information about Kristall.

[About Qt] shows a dialog containing legal information about the Qt version used.

## Settings

Kristall offers a vast amount of settings. You can style the documents to your liking, changing fonts and colors. You can also fine-tune the behaviour of Kristall to match your liking and keep track of your trusted pages.

### Generic

This tab contains an unsorted list of settings that allow you to tweak Kristall's behaviour.

[UI Theme] controls whether the Qt interface is displayed in a dark or a light theme. You can adjust that to your system style or to your site rendering.

[Start Page] is the URL to the page that will be loaded for new tabs. Default is "about:favourites".

[Enabled Protocols] allows you to fine-tune which protocols are fetched by Kristall. By default, only Gemini is enabled, all other protocols are disabled. Disabled protocols are either not served with an error message or forwarded to your OS handler for that URL scheme.

[Text Rendering] allows you to control whether Kristall parses text input files or not. This is usually set to [Fancy], which renders text/html, text/gemini, text/markdown and text/gophermap to a nice, hyperlinked display. When set to [Always plain text], Kristall will display all text/* files as plaintext files instead. This may be inconvenient, but necessary for misparsed sites.

[Enable text highlights] allows you to enable an experimental feature that allows *highlighting* and _underlining_ text in text/gemini documents. It will probably misrender, but you can try it out anyway.

[Gopher Map] allows you to choose a modern iconized style for gopher maps or, if you are an old schooler, just use a textual description of the item types in the map.

[Unknown Scheme] changes how Kristall handles unknown/disabled URL schemes. [Use OS default handler] will invoke your OS default, [Display error message] will just pop up a message box and tell you that Kristall cannot handle this URL.

[Max. Number of Redirections] is a setting that allows you to restrict sites to redirect you only a certain number of times before erroring out. Setting this to 0 will disable redirections completely, displaying an error with the target URL.

[Redirection Handling] allows you to fine-tune the way Kristall allows redirections. Each of the options defines whether Kristall should ask you to allow the redirect or do it silently.

[Ask for cross-scheme redirection] will pop up a message box if a host tries to redirect you from one URL scheme to another, e.g. when a web server redirects you from HTTP to HTTPS.

[Ask for cross-host redirection] will pop up the message box for all redirections across host boundaries, e.g. when example.com redirects you to www.example.com.

[Ask for cross-scheme or cross-host redirection] will enable both of the previous behaviours, asking when any cross-boundary redirection happens.

[Ask for all redirections] will pop up a message box every time a server tries to redirect you, keeping you in full control over all redirections.
[Silently redirect everything] is the exact opposite of that, accepting all redirections without warning or notice.

[Network Timeout] is the time a server is allowed to *not respond anything* before an error message appears. As long as a server dribbles some bytes to Kristall, no timeout will happen, so having a slow or bad connection shouldn't yield timeouts.

### Style

On this tab, you can tweak the document rendering in Kristall. On the left half you can see all possible colors and fonts you can tweak, on the right half of the window is a preview rendering with your currently selected style.

Most items in the *Style* category have either a [Font] button, a [Color] button or both. Click these to change the respective value.

[Background Color] is the color that fills the empty space in a document.

[Standard Font] allows you to change the font that is used for all non-preformatted and non-heading text. Choose the color and font family/size/style.

[Preformatted Font] is the font and text color that is used for all <pre> tags in HTML or preformatted blocks in text/gemini. This should be a monospace font, otherwise ASCII art will break horribly. Note to MacOS X users: "Andale Mono" is a good font choice here.

[H1 Font] allows you to change the font and color for primary headings in documents.

[H2 Font] allows you to change the font and color for secondary headings in documents.

[H3 Font] allows you to change the font and color for tertiary headings in documents.

[Local Link Color] is the color in which links that refer to the same host *and* protocol are rendered.

[Foreign Link Color] is the color in which links that refer to another host, but the same protocol are rendered. This helps to recognize when you change the content provider with a link.

[Cross-Scheme-Color] is used for all links that change protocol. For example: If you are currently visiting a gemini-served page and are referred to a page in gopher space, this color will be used. This gives you more control over your surfing experience.

[Local Link Prefix] is a small string that is placed before a link to the same host.

[Extern Link Prefix] is a small string that is placed before a link to a different host.

[Block Quote Color] is the background color that allows you to highlight block quotes.

[Auto-Theme Generation] is an experimental feature that can be set to [Disabled], [Light Theme] and [Dark Theme]. When not set to [Disabled], Kristall will ignore all your beautiful color settings and try to create a color scheme based on the current page's host name. This allows different styles for each host visited and brings some recognizability in gemini and gopher space.

[Page Margin] is the distance of the page content to the border. Higher values look cooler, but make your display area smaller.

[Presets] is a cool feature to save, restore and share your color themes. The dropdown contains a list of all previously created color schemes. With the [+] button you can create a scheme with a unique name.
The floppy disk button will override the currently selected preset with all the settings displayed above. The folder button will restore a previously saved preset. The last two buttons allow you to import/export presets to disk and share them with your friends! Share all your beautiful color schemes with the world!

The lone text with the [host.name] text in it can be used to preview some auto-generated themes. It only refreshes the preview and seeds the auto generator with a new host name.

### Gemini TLS and HTTPS TLS

These two pages contain the TLS settings for either Gemini or HTTPS. Both protocols are handled in the same way, but with different data sets, so each one has its own settings page.

[Trust Level] defines how you trust hosts.

[Trust on first encounter] is also known as *Trust On First Use* (or TOFU) and will store the server's public key in Kristall's database of trusted hosts. If a host is later encountered that has changed its public key, an error will be displayed to the user that this host may be compromised (as the changing of a public key can be a man-in-the-middle attack).

[Trust everything] will just happily accept every TLS server, ignoring the certificate issuer completely.

[Manually verify fingerprints] allows you to choose whether you trust a server or not based on its fingerprint. This will be displayed in the error page as well as the option to add that server to your list of trusted hosts.

[Certificate Authorities] allows you to enable/disable the use of your system's CA trust store. Sites that can be enabled via the CA system will not be added to the list of trusted hosts (as it is only meant for TOFU/manual implementation), but will not error out. [Use local certificate authorities] will enable that behaviour, [Don't use local certificate authorities] will disable it.

[Trusted Hosts] displays your database of currently trusted hosts for either Gemini or HTTPS servers.
You can see the host name (which is used for identification), the date when you trusted the server and the type of the key that server is using.

[Revoke trust] allows you to remove a server from your database. Select a server in the list and click the button. Kristall will now act as if it has never seen that server before and will handle the server as an unknown one.

## Certificate Manager

This dialog allows you to manage your client certificates. There are options to import, export, delete and create new certificates as well as manage your existing ones.

The window is separated in two halves: The left half is the overview over your certificates and your available actions. The right half contains information about the currently selected certificate.

The overview displays your certificates managed in groups. Each certificate is contained in a group that allows you to structure your certificates better. Good groups are, for example, *Accounts*, *Access Token*, *Games*, ...

You can move certificates between different groups by using drag'n'drop. Just click the certificate and drag it over into another group.

When selecting a certificate, its details are displayed on the right side of the screen:

[Display Name] is the text you will see in the overview on the left and on the smaller dialog selection screen. You can type in here whatever you want, it's just for you. It's possible to edit this value.

[Common Name] is the CN value that was used when creating the certificate. It's used as an identifier and is the only required field when creating the cert. You cannot change this.

[Expiration Date] is the date when your certificate expires.

[Expires in] shows the number of days until your certificate expires. This may be more intuitive to work with, but communicating the expiration date is recommended.

[Host Filter] is a security measure to shield you from accidental identity exposure. You can type in a URL with wildcards, using ? for a single character, * for any number of characters, including zero and […] for allowing a set of certain characters to be matched. When you try activating the certificate on a URL that does not match your Host Filter, Kristall will ask you if you really want to enable the certificate. This prevents you from accidentally using the certificate on a host or URL where it shouldn't be used.

[Auto-Enable Certificate] is built on top of the Host Filter. When you don't have a client certificate enabled *and* you visit a URL that matches the Host Filter property, Kristall will ask you if you want to enable that certificate. This is convenient when you need a certificate to visit that location anyway, and it allows you to quickly enable your default certificate.

[Fingerprint] is the SHA256 fingerprint of this certificate.

[Notes] is a free-form text field for your private use. Kristall does not use this value whatsoever. Use this field to make notes about that certificate.

You can find more information about the wildcard syntax here:

=> https://doc.qt.io/qt-5/qregexp.html#qregexp-wildcard-matching Wildcard Matching

Below the certificate overview are four buttons, described from left to right:

[Create certificate] will open up the certificate creation dialog and allows you to create a new certificate.

[Import certificate] will open up the certificate i/o dialog. This allows you to import an existing certificate/key pair, supporting RSA and EC cryptography as well as PEM/DER encoded files.

[Export certificate] will open up the certificate i/o dialog. This allows you to export the currently selected certificate into a certificate/key pair. This allows PEM/DER encoded files and you should remember/note what kind of format your key has. Exporting allows you to back up your keys, change to another browser or share them with your friends (don't!).

[Delete certificate] will delete the currently selected certificate or group.
You will get a security pop-up when deleting a certificate as this is a non-reversible operation (unless you made a back-up). Deleting empty groups is always allowed without pop-up, deleting non-empty groups is not allowed.

Using passphrases for importing/exporting certificates is currently not supported.

Please note that changes in this dialog are immediately applied and there is no way back when doing an action. This may change in the future, but will stay like this for now.

## Certificate Selection Dialog

This dialog allows you to enable client certificates. It is opened by clicking the shield button in the navigation bar or it will automatically pop up when a site requests the use of a client certificate.

In the upper part, this dialog provides you with a list of all your persistent certificates. If you want to use one of those, select the certificate and click [Use]. Or simply double-click a certificate to choose it.

You can also create a new certificate ad hoc with a click on [Create new identity]. This will open up the certificate creation dialog which allows you to create new identities.

In the lower part you can create temporary certificates that have a short lifespan and will be destroyed as soon as you disable the certificate or close your client.

## Certificate Creation Dialog

This dialog provides means to create a new persistent identity.

[Group] is the name of the group where this certificate should be stored. You can either choose an existing group from the drop down or just enter a non-existing name to create a new group ad hoc.

[Display Name] is the title of the certificate that Kristall will show you. It will not be sent to a server ever.

[Common Name] is the CN field in the X509 certificate. It's required for identification to the hosts.

[Expiration Date] is the date when your certificate becomes invalid. Kristall chooses a default of "1 year from now on", but you can choose any time you want, even just 30 minutes. Better choose a long time though if you don't know how long you need that certificate.

With a click on [OK], Kristall will create a new certificate and put it in your certificate store. It can then be selected from the certificate selection dialog or certificate manager.

## Certificate I/O Dialog

This dialog enables you to import or export certificate-key-pairs into or from Kristall.

[Key Type] contains the type of your key. If you import, you need to select the correct key type there. If you export, it will be disabled, but shows the correct type of key for your identity.

[Key File] needs to be a full path to either a .der or .pem file where Kristall will load/store the key from/to.

[Certificate File] needs to be a full path to either a .der or .pem file where Kristall will load/store the certificate from/to.

## Shortcuts

This list contains all built-in shortcuts:

* Ctrl+T ⇒ New tab
* Ctrl+W ⇒ Close tab
* Ctrl+D ⇒ Quick add/remove from favourites
* Ctrl+L ⇒ Focus URL bar
* Ctrl+S ⇒ Save current file
* Ctrl+H ⇒ Go to home page
* Alt+Left ⇒ Navigate one page back
* Alt+Right ⇒ Navigate one page forward
* F1 ⇒ View this document
* F5 ⇒ Refresh current tab

## Protocol support

These protocols are currently supported via their respective URL schemes:

=> https://gemini.circumlunar.space/ Gemini
=> https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol HTTP/HTTPS
=> https://en.wikipedia.org/wiki/Gopher_(protocol) Gopher
=> https://en.wikipedia.org/wiki/Finger_protocol Finger

### Gemini

Kristall tries to implement the current feature set of the gemini specification. All response types of a gemini server are relayed to the user and the user chooses when to do certain actions or not. Redirections are followed automatically.
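
The [Max. Number of Redirections] and [Redirection Handling] settings described above can be read as one decision per redirect. The following is an added example, not Kristall's own code: the names, the order of the checks and the treatment of relative targets as same-origin are assumptions.

```python
from enum import Enum
from urllib.parse import urlsplit


class Policy(Enum):
    ASK_CROSS_SCHEME = "Ask for cross-scheme redirection"
    ASK_CROSS_HOST = "Ask for cross-host redirection"
    ASK_CROSS_SCHEME_OR_HOST = "Ask for cross-scheme or cross-host redirection"
    ASK_ALL = "Ask for all redirections"
    SILENT = "Silently redirect everything"


def classify(current_url, location):
    """Return (cross_scheme, cross_host) for a redirect target."""
    cur, new = urlsplit(current_url), urlsplit(location)
    if not new.scheme and not new.netloc:
        return False, False  # relative target: same scheme and host (assumption)
    scheme = (new.scheme or cur.scheme).lower()
    host = (new.hostname or "").lower()
    return scheme != cur.scheme.lower(), host != (cur.hostname or "").lower()


def decide_redirect(current_url, location, hops_so_far, max_redirects, policy):
    """Return 'error', 'ask' or 'follow' for one redirect."""
    if hops_so_far >= max_redirects:
        return "error"  # a limit of 0 rejects the very first redirect
    cross_scheme, cross_host = classify(current_url, location)
    ask = {
        Policy.ASK_CROSS_SCHEME: cross_scheme,
        Policy.ASK_CROSS_HOST: cross_host,
        Policy.ASK_CROSS_SCHEME_OR_HOST: cross_scheme or cross_host,
        Policy.ASK_ALL: True,
        Policy.SILENT: False,
    }[policy]
    return "ask" if ask else "follow"


def walk_chain(start_url, locations, max_redirects, policy):
    """Decide every hop of a redirect chain, assuming the user confirms each 'ask'."""
    current, decisions = start_url, []
    for hops, location in enumerate(locations):
        decision = decide_redirect(current, location, hops, max_redirects, policy)
        decisions.append(decision)
        if decision == "error":
            break
        if urlsplit(location).netloc:  # absolute target: the origin changes
            current = location
    return decisions


# Constructed redirect chain: same host, then a new host, then a new scheme.
CHAIN = ["gemini://example.com/a",
         "gemini://www.example.com/a",
         "gopher://www.example.com/a"]

if __name__ == "__main__":
    for policy in Policy:
        print(policy.value, walk_chain("gemini://example.com/", CHAIN, 5, policy))
```
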
### Gopher

Kristall provides access to gopherspace and supports most modern/common file types:

* Gophermaps / Directories
* Text
* Sound / Audio / Music
* Images / GIFs
* HTML
* Mirrors

There is currently no support for automatic redirection on URL: resources or special/oldschool file types like DOS/HexBin/UUencoded data.

### Built-in sites

There is also the scheme about: which can be used to access internal sites for configuration, usability or help (this is one of them!):

=> about:blank
=> about:favourites
=> about:help
=> about:updates
=> about:style-preview

## Security Concept

Kristall has some built-in security measures to make your browsing experience safe and sane.

### Philosophy

Kristall will always try to warn or ask you if anything critical will happen. Sneakily redirecting you to another host? You missed disabling your client certificate when switching hosts? Kristall will ask you whether you want to keep your current settings and continue or if you want to disable that feature.

These security measures are quite non-intrusive and help you with "not missing the click". Kristall will also put up some artificial hurdles when you can *really* do something that is critical, like visiting a host with a mistrusted certificate or deleting your client certificates.

### Security Measures

* Client certificates will be disabled when doing a host or protocol switch
* Client certificates allow host filtering to double-opt-in for non-planned hosts
* Redirects check for cross-scheme or cross-host redirections.
* Fine-grained customizations
* Trusting TLS connections based on manually built lists, TOFU method or using the certificate authority system

## Supported Media Types

* text/plain
* text/gemini
* text/html
* text/markdown
* text/gophermap
* image/*
* audio/* via Qt multimedia
* video/* via Qt multimedia

All unrecognized text files will be rendered as text/plain documents with a monospaced font.

## Contact me

I'm eager to hear from your experience! Did everything work? Is something especially cool or bad? Tell me what you think or what annoys you!

Please note that everything here is still work-in-progress and may crash!

Mail: kristall@mq32.de
GitHub: https://github.com/MasterQ32/kristall
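
The [Trust Level], [Certificate Authorities] and [Revoke trust] settings from the TLS settings pages, written out as one trust decision per connection. This is an added example, not Kristall's own code: the class and method names, the SHA-256 storage format, the `ca_valid` flag (standing in for a real CA chain check) and the order of the checks are assumptions.

```python
import hashlib
import hmac
from datetime import date
from enum import Enum


class TrustLevel(Enum):
    TOFU = "Trust on first encounter"
    TRUST_EVERYTHING = "Trust everything"
    MANUAL = "Manually verify fingerprints"


def fingerprint(public_key: bytes) -> str:
    """SHA-256 over the key bytes, hex encoded (storage format is an assumption)."""
    return hashlib.sha256(public_key).hexdigest()


class TrustStore:
    def __init__(self, level, use_local_cas=False):
        self.level = level
        self.use_local_cas = use_local_cas
        self.hosts = {}  # host name -> (key fingerprint, date trusted)

    def check(self, host, public_key, ca_valid=False, today=None):
        """Return 'accept', 'pinned', 'key-changed' or 'ask-user'."""
        if self.level is TrustLevel.TRUST_EVERYTHING:
            return "accept"
        if self.use_local_cas and ca_valid:
            return "accept"  # CA-validated hosts are not added to the list
        seen = fingerprint(public_key)
        entry = self.hosts.get(host)
        if entry is not None:
            same = hmac.compare_digest(entry[0], seen)
            return "accept" if same else "key-changed"
        if self.level is TrustLevel.TOFU:
            self.hosts[host] = (seen, today or date.today())
            return "pinned"
        return "ask-user"  # manual mode: show the fingerprint, let the user decide

    def trust_manually(self, host, public_key, today=None):
        """Record the user's decision to trust this host's key."""
        self.hosts[host] = (fingerprint(public_key), today or date.today())

    def revoke(self, host):
        """Forget the host, so it is handled as unknown on the next visit."""
        self.hosts.pop(host, None)


# Constructed sample keys; real entries would hold the server's actual key.
KEY_A = b"constructed-public-key-A"
KEY_B = b"constructed-public-key-B"


def demo():
    """First visit, repeat visit, changed key, then revoke and revisit."""
    store = TrustStore(TrustLevel.TOFU)
    results = [store.check("example.org", KEY_A),
               store.check("example.org", KEY_A),
               store.check("example.org", KEY_B)]
    store.revoke("example.org")
    results.append(store.check("example.org", KEY_B))
    return results


if __name__ == "__main__":
    print(demo())
```
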